Privacy Policy

Document Ref: POL-DTM-2026-001
Jurisdiction: Pune, Maharashtra, India

1. PURPOSE AND SCOPE
   
   This Privacy Policy (the “Policy”) establishes the framework for the collection, processing, and protection of personal and corporate data by DTekMicro LLP. This Policy applies to all services provided by the Company, including but not limited to IT Staffing,Software Development, Managed Services.
   

2. DEFINITIONS

• “Data Subject” refers to any individual or corporate entity whose information is processed (Clients, Candidates, or Website Visitors).
• “Personal Data” includes any information that identifies a natural person, as defined under the Digital Personal Data Protection (DPDP) Act and GDPR.
• “Technical Data” includes server configurations, memory module specifications (DRAM/Flash), and network architecture details.

3. INFORMATION COLLECTION AND CLASSIFICATION
   The Company collects information under the following categories:

3.1. IT Staffing & Recruitment Data

In our capacity as a staffing solution provider, we collect:

• Professional resumes, certifications, and employment history.
• Tax identification numbers and government-issued IDs for payroll and compliance.
• Interview evaluations and technical competency assessments.

3.2. Software Solutions & Client Data

To facilitate software development and IT infrastructure support, we collect:

• Project specifications and proprietary business logic.
• Server hardware inventories (e.g., specific DDR3/DDR4/DDR5 part numbers and quantities).
• Administrative access credentials (where explicitly granted for managed services)

4. LEGAL BASIS FOR PROCESSING
   DTekMicro LLP processes data only under the following legal grounds:
5. Contractual Necessity: To fulfil our obligations under a Master Service Agreement (MSA) or Statement of Work (SOW).
6. Consent: Explicit permission granted by the Data Subject during onboarding.
7. Legal Obligation: Compliance with Indian labour laws, tax regulations, and the IT Act.

5. DATA SECURITY AND ENCRYPTION STANDARDS
   
   The Company employs rigorous technical and organizational measures:

• Data at Rest: Encrypted using AES-256 standards.
• Data in Transit: Secured via Transport Layer Security (TLS) 1.3 protocols.
• Access Control: Implementation of the Principle of Least Privilege (PoLP); access
  to sensitive client databases is restricted to authorized personnel only.

6. INTERNATIONAL DATA TRANSFERS
   
   DTekMicro LLP facilitates IT services for global markets, including the United States. We ensure that cross-border data transfers comply with the standard contractual clauses (SCCs) and that the receiving party provides an equivalent level of data protection.

7. RETENTION AND DISPOSAL
   
   Data is retained only for the duration necessary to fulfil the purposes outlined in Section
   3.

• Candidate Data: Retained for [e.g., 2 years] unless a longer period is required for legal compliance.
• Client Project Data: Archived or purged within 90 days of contract termination, subject to final audit.

8. RIGHTS OF THE DATA SUBJECT
   
   Data Subjects are entitled to:

• Right to Access: Request a summary of personal data held by the Company.
• Right to Correction: Request rectification of inaccurate information.
• Right to Erasure: The “Right to be Forgotten,” subject to legal and tax retention requirements.

9. COMPLIANCE OFFICER
   
   For legal inquiries or to exercise data rights, please contact our designated Data Protection Officer (DPO):
   Attn: Data Protection Officer, DtekMicro LLP
   Office: Pune, Maharashtra, India
   Email: info@dtekmicro.com
   Official Website: www.dtekmicro.com
   Corporate Disclaimer
   DtekMicro reserves the right to amend this Policy to reflect changes in global data regulations. Continued use of our services constitutes acceptance of the most recent version of this Policy.